Natural language processing allows computers to process interactions between users to identify some primitives of language. Natural language processing uses grammatical rules or other analysis such as morphemic, syntactic and semantic analysis to define the true meaning of a sentence or a phrase. However, security systems in existence today generally do not use the primitives of language obtained using morphemic, syntactic and semantic analysis to enable effective monitoring and protection of networks and data from threats, such as errant employees. Errant employees may subvert the policies of the enterprise using the access they are granted for their normal work duties to perform subversive activities. For security systems and managers monitoring the employees, actions of the errant employee are often indistinguishable from the actions of an employee performing their job. A security system may monitor interactions such as emails but may not detect subversive activities unless blatantly discussed in the emails. Even manual analysis of the interactions is unlikely to detect such subversive activities. This obstacle is made even more difficult because interactions over computer networks are missing physical behavioral clues. For example, emotional state of users is extremely difficult to detect from emails, and as a result, it can be difficult for managers to identify errant employees or users. Also, employees engaged in subversive activities may be careful to hide their tracks in any interactions such as email and other documents they exchange. Using standard network security policies may not detect the subversive activities.